<?php
require_once 'config.php';

// 如果用户已登录，重定向到首页
if (isLoggedIn()) {
    redirect('index.php');
}

$errors = [];

// 处理表单提交
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $username = trim($_POST['username'] ?? '');
    $password = $_POST['password'] ?? '';
    
    // 验证用户名和密码
    if (empty($username)) {
        $errors[] = "用户名不能为空";
    }
    
    if (empty($password)) {
        $errors[] = "密码不能为空";
    }
    
    // 如果没有错误，则验证用户
    if (empty($errors)) {
        try {
            // 查询用户
            $stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
            $stmt->execute([$username]);
            $user = $stmt->fetch();
            
            // 验证用户是否存在以及密码是否正确
            if ($user && password_verify($password, $user['password'])) {
                // 设置会话变量
                $_SESSION['user_id'] = $user['user_id'];
                $_SESSION['username'] = $user['username'];
                $_SESSION['user_type'] = $user['user_type'];
                
                // 设置成功消息
                $_SESSION['flash_message'] = "登录成功！欢迎回来，{$user['username']}";
                $_SESSION['flash_type'] = "success";
                
                // 重定向到首页
                redirect('index.php');
            } else {
                $errors[] = "用户名或密码不正确";
            }
        } catch (PDOException $e) {
            $errors[] = "登录失败: " . $e->getMessage();
        }
    }
}

// 页面标题
$page_title = "登录 - 图书借阅系统";

// 引入头部
include 'header.php';
?>

<div class="row justify-content-center">
    <div class="col-md-6">
        <div class="card shadow-lg border-0">
            <div class="card-header bg-white py-3">
                <h4 class="text-center mb-0"><i class="fas fa-sign-in-alt mr-2"></i>用户登录</h4>
            </div>
            <div class="card-body p-4">
                <?php if (!empty($errors)): ?>
                    <div class="alert alert-danger">
                        <ul class="mb-0">
                            <?php foreach ($errors as $error): ?>
                                <li><i class="fas fa-exclamation-circle mr-1"></i> <?php echo htmlspecialchars($error); ?></li>
                            <?php endforeach; ?>
                        </ul>
                    </div>
                <?php endif; ?>
                
                <form method="post" action="">
                    <div class="form-group">
                        <label for="username"><i class="fas fa-user mr-1"></i> 用户名</label>
                        <input type="text" class="form-control" id="username" name="username" value="<?php echo htmlspecialchars($_POST['username'] ?? ''); ?>" required>
                    </div>
                    
                    <div class="form-group">
                        <label for="password"><i class="fas fa-lock mr-1"></i> 密码</label>
                        <input type="password" class="form-control" id="password" name="password" required>
                    </div>
                    
                    <div class="form-group mt-4">
                        <button type="submit" class="btn btn-primary btn-block"><i class="fas fa-sign-in-alt mr-2"></i>登录</button>
                    </div>
                    
                    <div class="text-center mt-3">
                        <a href="register.php" class="btn btn-link"><i class="fas fa-user-plus mr-1"></i> 没有账号？立即注册</a>
                    </div>
                </form>
            </div>
        </div>
        
        <div class="text-center mt-4">
            <a href="index.php" class="btn btn-outline-secondary"><i class="fas fa-home mr-1"></i> 返回首页</a>
        </div>
    </div>
</div>

<?php include 'footer.php'; ?> 